Month: January 2017

Categories
Security

Rootkit Hacks are Nasty, But Preventable

b2ap3_thumbnail_rootkits_good_or_bad_400.jpg The challenge for business owners is that there are so many different types of online threats, it borders on impossible to protect themselves from all of them. All of these threats hold limitless possibility to ruin your organization’s operations, either short-term or long-term. One of the most common threats out there is called a rootkit hack, and it’s one that you certainly don’t want to mess around with.

Defining a Rootkit Hack
Rootkits are malware that sit on a device for extended periods of time, often undetected for weeks, months, or even years. In this sense, they are very similar to trojans, which hide on networks and are capable of dodging security tools like antivirus and firewalls. Rootkits, however, aren’t designed to allow for backdoor access at a later date (though they certainly could be capable of doing so). Instead, a rootkit focuses on giving hackers administrator permissions so they can access systems in a pseudo-”legitimate” manner. The unfortunate side-effect for the user is that everything they are using the infected computer to do is being intercepted and controlled by someone else, placing them at the mercy of the hacker.

What’s even more confusing is that not all rootkits place your business at risk. In fact, many organizations that provide technical support for IT assets use rootkits for remote access and maintenance. The problem is that rootkits allow hackers to steal information, which can lead to a disaster.

How a Rootkit Works
The first step in a rootkit’s exploitation is seizing administrator control. Once the hacker has done so, their options are limitless. They can perform tasks such as deleting important files, installing software (like spyware), changing programs, recording keystrokes, and so much more. Hackers could steal vital information like credentials, access logs, or other important data. Furthermore, rootkits are usually software-based, though hardware-based rootkits accomplish a similar role and are arguably easier to identify. Just look for any piece of technology that looks like it doesn’t belong.

How to Prevent Rootkit Hacks
Protecting yourself from hacking attacks doesn’t have to be hard, but the sheer amount of possibility involved with them can be daunting. Rootkits can make their way into your network through the use of infected downloads, phishing scams, malicious URLs, and countless other ways. Always check to ensure the authenticity of what you’re downloading, and make sure to stay away from potential outlets of malware or other sketchy websites known for spreading malicious software.

By keeping these security discrepancies in mind, and by maximizing your use of best practices, you can effectively keep exposure to threats at a minimum. An enterprise-level security solution also goes a long way toward keeping your business safe, along with a firewall, antivirus tool, web content filter, and spam blocker. These solutions all take preventative measures to limit exposure to threats, taking some of the difficulty out of managing network security.

What To Do
If something seems out of place with your computer, disconnect your PC from the Internet and all internal networks immediately. This prevents remote access control and data leakage from rootkit hacks, but most importantly, you isolate the problem so that it can’t spread. If you don’t know how to get rid of the problem, professional technicians like those at COMPANYNAME have your back.

To get to the root of all manners of cyber threats, reach out to us at PHONENUMBER.

Categories
Technology

Explaining Managed IT to Busy Business Owners

b2ap3_thumbnail_managed_it_service_agreement_400.jpg As a business, you focus on providing a specific good or service to your area. This means spending a considerable amount of time trying to make your organization the go-to SMB for that particular service. All organizations specialize in a certain craft, but sometimes their skills may fall short of their needs in areas that lay outside this expertise. Outsourcing is a simple way for businesses to leverage skills that aren’t part of their expertise without taking the time to learn the skill themselves, and it’s an invaluable part of any business owner’s strategy.

Let’s use managed IT services as an example. While enterprises might have the budget and workforce to accommodate managing on-site networks and hardware, it’s unlikely that the SMB does as well. Technology maintenance requires careful attention to detail, which can only be offered by trained professionals who understand the importance of their task. IT maintenance and management isn’t something that can be learned overnight.

While the benefits are significant, the major roadblock for organizations isn’t implementing a new IT management model; rather, it’s their limited budget. They struggle to resolve problems with their IT systems without breaking their budget, and the typical break-fix IT company isn’t devoted to saving them any cash on technology repair. Instead, a managed service provider tries to take proactive measures to prevent issues from happening in the first place.

Comparing the two solutions side by side gives more than enough reason to forsake break-fix IT services. If you can prevent problems from happening in the first place, why wouldn’t you? When a server or workstation breaks down, countless files and hours of productivity are lost, making recovery difficult, if not impossible.

Managed IT allows for fixed monthly payments, taking the unpredictability out of managing technology. Unlike break-fix IT, which capitalizes on your business’s technology breaking down, managed IT services aim to prevent this from happening in the first place; saving your business money in the long run. You’ll find that when you experience minimal trouble with your IT, the possibilities are quite literally endless. You can invest more time and money into your business’s other aspects.

To learn more about managed IT services, reach out to us at PHONENUMBER.

Categories
Best Practices

Tip of the Week: Worried About Identity Theft at Work? Follow These Tips for Peace of Mind

b2ap3_thumbnail_protect_your_workers_identities_400.jpg The Bureau of Justice estimated that five percent of the entire U.S. population were victimized by identity thieves, a total of 11.7 million people. While the methods of collecting the data that identity thieves need to commit their crime vary from dumpster diving for carelessly discarded documents, to email phishing scams, there is a particular target that can easily supply them with the data they will need: the workplace.

While many businesses must collect a lot of personal data from their clients for billing purposes, their employees are also made vulnerable if some of that data was to be absconded with. After all, in order to properly pay an employee for their work, an employer will need a lot of their personally identifiable information on record. As a result, a workplace becomes a high-value target for someone seeking the data necessary to complete fraudulent actions in someone else’s name and becomes the responsibility of the entire business to safeguard that data, for the sake of their employees and their clients.

To that end, every employee should be educated in the best practices for protecting a company’s trove of sensitive information, and policies need to be implemented and enforced to ensure that these best practices are followed. To get you started with securing your office, make sure these four best practices are followed by everyone associated with your company.

Don’t Leave Workstations Unattended
Computers need to be locked and only accessible by its user’s password. Otherwise, anyone (be it a less-than-trustworthy employee or someone off the street stumbling across an opportunity) could access that workstation and any company documents available to that employee.

Go Paperless
Identity thieves love paper trails. Whether it be copies of sensitive files that make their way to the trash, or even documents that get left lying around the office, the fact of the matter is that having paper copies of sensitive information only increases the risk that this information will get stolen. Going paperless is a way to minimize this risk entirely.

Train Employees to Know What Email Scams Looks Like
Scams targeting email inboxes are some of the top ways that identities are compromised. Therefore, in addition to having a good spam blocking solution in place, you’re going to want to make sure that every worker knows what an email scam looks like so they won’t fall for one. You may know how to spot an obvious email scam, like an unsolicited email requesting sensitive information, but how sure are you that your staff knows what a scam looks like as well?

Implement Enterprise-Level Security Solutions
Without proactive solutions in place to protect your company’s sensitive data, it could easily fall into the wrong hands if a hacker breached your network. Every business needs to have security tools in place like antivirus, firewalls, spam-blocking, and content filtering. Thankfully, a solution like a Unified Threat Management tool offers businesses an easy way to get this kind of comprehensive protection in one easy-to-implement package!

Of course, there are many other steps to take to prevent your workplace from becoming an identity thief’s jackpot. COMPANYNAME can help advise you on the other steps your business needs to take in order to keep the identities it deals with properly protected. Call us today at PHONENUMBER for more information on the steps you need to take to prevent identity theft.

Categories
Business

Millennials to Make Up ⅓ of the Workforce. What’s This Mean for Your Business?

b2ap3_thumbnail_millennials_400.jpg Millennials are entering the workforce at a considerable rate. In fact, some experts claim that millennials will soon make up at least one-third of the entire workforce. Thus, it’s important for both employers and workers from previous generations to understand how this generation thinks, acts, feels, and most important of all, works.

Traditional vs Flexible Work Hours
One of the most prominent trends seen in millennial workers is that they have a strong desire to keep a balance between their professional and personal lives. Yet, this desire isn’t necessarily exclusive to them. It’s reasonable to suggest that most workers would prefer this type of work-life balance. Commonly seen amongst millennials is their desire to work hard during their scheduled hours, but they still want to go home at the end of the day. Basically, they want some sort of control over how their time, both in and out of the office, is spent.

A great example of this can be seen in the daily commute. Millennials might be fine with driving to the office, but it’s probably safe to say that they would rather be using time spent on a commute to get right to work remotely. To put this claim in perspective, let’s take a look at some recent statistics. There are currently around three million remote workers in America, and this is expected to grow by 63 percent in the next five years. Pew Research Center suggests that 64 percent of millennials would at least like the option to work from home on occasion. Similarly, Pew found that 66 percent of millennial workers would prefer a shift in their work hours, allowing for a more flexible work/life balance.

Career Growth and Improvement
One of the top priorities of millennial workers is that they want to experience growth and improvement in their professional lives. They aren’t going to be satisfied with just one job in their lives. They always seek both professional and financial opportunity, and it’s something that they hope to get from your business. Rather than having a direct supervisor, they want to consider authority figures within your organization to be mentors; someone who helps them learn how to do their job better.

These workers will also want to provide their own individual input into big projects, and they want to feel valued and validated. One way you can accomplish this is by giving new hires small responsibilities at first, and offering the possibility of expanding on these responsibilities in the future. Provide quality feedback and tell them what they are doing right (or wrong) so they can plan out the next step of their professional development.

Technology is Second-Nature to Them
Last but not least, it’s crucial that your business understand that millennials have grown up surrounded by the technology that many take for granted today. They can adapt to systems quickly and efficiently, and (since they want to be challenged) this gives them a great opportunity to test themselves with new software or hardware solutions. By letting them use the latest and greatest technology solutions, you’ll give them a great incentive to stick around longer.

If you want to ensure that your millennial employees will hang around and continue to be a benefit to your organization, COMPANYNAME can equip your business with the latest technology solutions. To learn more, reach out to us at PHONENUMBER.

Categories
Security

The “S” in HTTPS is More Important Than You May Think

b2ap3_thumbnail_secure_web_browsing_400.jpg It would be an understatement to say that security, particularly encryption, is important while browsing the web. Though it was only recently that encryption became a major pain point for government regulation, encryption has been around for a very long time. The average user can get a taste of online encryption through the average website security certificate.

Hypertext Transfer Protocol, with an S on the end for “security,” is designed to protect a website visitor’s privacy by encrypting information sent from the website to a receiving server. Ordinarily, the connection wouldn’t be private, so data can be accessed while it’s in transit. This is why HTTPS is commonly used on pages that require sensitive credentials, like passwords, usernames, credit card numbers, Social Security numbers, and so on. For example, banking institutions and other accounts that are linked to financial credentials (like any payment pages on websites) need to be using a security certificate to guarantee the user’s security.

One good way of describing online encryption is like a pipe. A normal HTTP connection is like a transparent pipe that you can see through. Hackers can collect data while it’s in transit because the pipe is see-through. Now, imagine the same pipe, only with an opaque hue to it. You can still see the insides, but they’re hidden and jumbled to the point where you can’t get a clear image. This is what it’s like for hackers to see encrypted data; they may have stolen it, but it’s locked down and indecipherable, making it essentially worthless.

The main thing that the average business owner must understand about HTTPS and online encryption is that you need to drill best practices of handling data into your employees as early and as often as possible. Before entering sensitive information into any website, be sure to look for the following abnormalities:

  • A lack of a security certificate: Before you enter any information into a website, make sure that it’s protected by a security certificate. You can verify that a website is secure by clicking on the green padlock icon next to the URL’s name in the address bar. It’s important to keep in mind that, while SSL and TLS might largely seem like the same thing, SSL is an antiquated security protocol that, thanks to vulnerabilities like POODLE (a man-in-the-middle exploit), could be dangerous.
  • Suspicious URLs or domain names: Sometimes hackers will create a site that looks exactly like a banking institution’s website, and use it to steal credentials. They will use sneaky tactics to make you think that what you’re looking at is the real deal, but look for out-of-place letters, numbers, or symbols in the domain before thinking you’re in the clear. Basically, the site that you’re on should be the institution’s official site. If something looks out of the ordinary, contact the organization through the information that you have on file.

For more great tips and tricks on how to stay safe online, be sure to contact COMPANYNAME at PHONENUMBER.

Categories
Technology

Tip of the Week: 4 Accessories Every Smartphone Needs

b2ap3_thumbnail_smartphone_accessories_400.jpg Smartphones are very convenient technologies, but with a couple of improvements to your device repertoire, you can drastically improve both your user experience and the value of your device. Here are four smartphone accessories that can enhance the way you use your mobile device.

Portable Battery Pack
Sometimes, no matter how much you charge your battery, you might find yourself falling short of the juice required to work while on the go. You aren’t always going to have access to an outlet, and even a quick charge may not be enough to get the job done. In instances like this, a portable battery pack is a huge help. There are battery packs available that are compatible with modern USB technology, so all you have to do is plug in your phone to charge your device. For starters, you can check out this one made by Anker.

A Long USB Cord
Your typical smartphone charging cable is generally only a few feet long, which means it’s easy to come up short when you need a charge. If you regularly find yourself needing the extra length, you can try out this huge USB cord by Anker. It makes a perfect partner for the portable battery pack we brought up. Plus, this cord is built out of some pretty hefty material, which means that you won’t have to worry about your pet chewing it, or severing it unexpectedly when moving a heavy piece of furniture around. With reinforced stress points, the cord can be bent and wrapped up for quite a bit, making it a long-lasting solution to your USB cord woes.

Bluetooth Headset
How often do you find yourself sick and tired of holding a phone to your face while trying to get work done? In cases like this (particularly long meetings with no end in sight), a Bluetooth headset for your smartphone can come in real handy. All you have to do is tether the device to your smartphone, pop it in your ear, and voila–you have a hands-free way of talking on the phone while getting to your work.

Other Bluetooth Technology
Basically, anything that uses Bluetooth technology is great for your smartphone, as it allows you to wirelessly tether devices to it. For example, you could use a wireless keyboard when you need to write a document or email. If you want to listen to music, you could hook up a pair of Bluetooth headphones so as not to bother others who might be in the vicinity.

What are some other great accessories that you can use for your mobile device while out and about? Be sure to let us know in the comments, and subscribe to our blog for more great tips and tricks.

Categories
Security

Let the 80/20 Rule Be Your Guide for IT Security

b2ap3_thumbnail_eighty_twenty_rule_for_it_400.jpg IT security is something that businesses of all shapes, sizes, and varieties have to be concerned about. You’ll be faced with the question of whether you have adequate security practices on a daily basis. For help with understanding why the smallest vulnerabilities often result in the most data loss, look no further than the 80/20 rule.

This rule, often called the Pareto Principle , is defined as such by Investopedia: “[the Pareto Principle] specifies an unequal relationship between inputs and outputs. The principle states that 20 percent of the invested input is responsible for 80 percent of the results obtained. Put another way, 80 percent of consequences stem from 20 percent of the causes.”

In other words, the Pareto Principle is a strategy that attempts to explain how you should delegate your organization’s security resources in order to maximize the security you get. In this case, you are using your assets to protect your network from online threats. However, you might realize that even if you search and search for network vulnerabilities, you won’t find all of them. There are simply too many threats out there to identify. Instead, you use the Pareto Principle to identify where you can do the most good for your organization’s network security.

This principle can also work in reverse; only 20 percent of the vulnerabilities on the Internet lead to 80 percent of the data loss. When you think about it, this makes sense. How often do you hear about major data breaches in which multiple vulnerabilities were exploited? Instead, it’s usually just one major hack that led to many compromised accounts.

Yet, the biggest part of effectively using the 80/20 rule is determining what your priorities should be, and which threats are the most dangerous. After all, if everything is a priority, then nothing can get done. This results in all-around subpar security that leaves large threats unchecked.

A penetration test can help COMPANYNAME  to find where your organization’s most important security flaws lie. We can locate and resolve your most critical security flaws through a process called Remote Monitoring and Management (RMM), which allows us to connect to your office’s technology solutions and issue the required patches and security updates without an on-site visit. In fact, most situations will only call for remote access, so you can save both time and money with an RMM tool.

In fact, there’s one solution that is capable of protecting the majority of your network without much effort at all. It’s called a Unified Threat Management solution, and it includes all of the major components of network security in one convenient package. With an enterprise-level firewall, antivirus, spam blocker, and content filter, you can know with certainty that one solution covers the majority of the challenges presented by network security.

With COMPANYNAME’s managed IT services, you’re creating many opportunities for enhanced network security, improved network performance, and optimized operations. To learn more about how we make technology work for you, reach out to us at PHONENUMBER.

Categories
Security

From Heart Attack to Hack Attack: Hackers Can Now Control Pacemakers

b2ap3_thumbnail_medical_device_hacks_400.jpg Medical technology has allowed for vast improvements in the way that conditions are treated. For example, the pacemaker allows some people with heart conditions to live longer and more comfortably. However, a European research team has concluded that even pacemakers are susceptible to being hacked, with deadly results.

The researchers made a note to describe the dangers of using implantable cardioverter defibrillators, from a hacking standpoint. Many modern pacemakers have the ability to communicate with other devices. While this capability is designed as a benefit to the patient, allowing the devices to be examined without an invasive surgical procedure, it can have dire consequences if hacked. If the patient is away from the doctor’s office within two hours, the pacemaker can still receive signals from other devices, thus making it vulnerable to a cyber attack.

Hackers can send a signal to the pacemaker that keeps the device from returning to “sleep mode,” which is what makes it vulnerable to exploitation. By analyzing the signals sent to the tested devices, researchers could spot various ways that a hacker would use this exploit. The results varied from draining the battery’s life to stealing personal data that may be stored on it. In other words, the hacker can make the patient’s life rather difficult by either turning off the device, or stealing data and using it to steal their identity. Hackers could even activate the pacemaker’s resuscitation shock without need, jolting the heart and making things difficult for the victim.

There are at least 10 different types of lifesaving devices that are vulnerable to this simple exploit. In fact, the hacker doesn’t necessarily need to know anything about the device itself. The reason why these devices are so vulnerable is thanks to the manufacturers not believing that pacemakers are clear targets of cybercriminals. This led them to release the devices without the IT security necessary to prevent these targeted attacks. The lesson learned: “Nobody will consider pacemakers a target,” is no excuse to use lackluster security.

Keep in mind that this study was conducted by researchers, rather than hackers. Still, have you ever considered the fact that your organization could be at serious risk? Some SMBs are under the impression that their small size means that they aren’t a target. However, most hacking incidents aren’t targeted events, and are instead massive campaigns meant to infect anything and anyone who happens to click on the wrong link. Furthermore, all businesses have some data that’s worth stealing, like employee records and financial credentials, and it needs to be protected properly.

If you want to maximize your company’s security, give COMPANYNAME a call at PHONENUMBER.

Categories
Business

Tip of the Week: 4 Ways to Attract and Retain Top Talent

b2ap3_thumbnail_attract_talent_400.jpg The endgame for most businesses is to improve what they do and increase their profitability. While this might mean selling more products, getting more customers or clients, or a myriad of other metrics, the driving force behind your business’s operations–your employees–are crucial toward this goal.

Top talent can be difficult to come by. There are several factors that come into play, especially in a competitive industry. However, employees that go above and beyond are easily worth the struggle that it takes to find them. Therefore, it makes perfect sense to do everything you can in order to make your business attractive to them. Here are four ways that you can make your business a magnet that attracts talented workers.

Offer Benefits
One of the most effective ways to attract new employees is by offering benefits and sign-on bonuses. However, this can lead to you getting more applications than you have time to go through, with many of them possibly not being qualified for the position at all. On the other hand, this makes a particularly impressive employee stand out from the rabble.

In fact, these benefits don’t necessarily have to involve finances. Instead, something as simple as flexible work hours, career advancement, and education may be motivation enough.

Challenge Them
Hard workers appreciate challenges as they provide a valuable outlet for users to test themselves. When you’re looking for new employees, consider implementing some sort of challenge or homework assignment that you can use to gauge whether the prospective employees actually know what they’re doing. This effectively helps you cut down on unqualified applicants, while also allowing you to engage your prospects from the get-go.

Idealize the Workplace
You can hire as much talent as you want, but if you don’t provide your high-demand talent with a great work environment, they may pack their bags and look for a place that does. Be sure that you emphasize to your new onboards what the strengths of your company are, and allow the prospective employees to get a feel for your workplace. Plus, if your current employees have plenty of good to share about the company with the prospect, they’ll be more likely to seal the deal themselves.

Provide the Latest Technology
It’s a known fact that the latest technology can significantly improve the way that you do business, but did you know that it’s also great for attracting new workers? A study of millennial workers found that 42 percent of them will seriously consider leaving a job if the technology used by the company doesn’t meet their high standards. It’s important to keep in mind that they will make up the majority of the workforce as early as 2020.

One of the ways that you see millennials using their technology in the office is through the use of smartphones, which can also put your business at risk. Be sure that you implement a solid BYOD policy and ensure that they adhere to it. COMPANYNAME can provide you with the assistance needed to do so.

Basically, these four tips are meant to help you attract the best talent possible. Plus, if you manage to get some good employees, that means that they aren’t working for your competition, which is always a plus.

Bonus Tip: Outsource the Technology Upkeep and Maintenance
One of the biggest issues that SMBs might have is finding qualified technicians to take care of their office technology solutions. While this is a challenge, it doesn’t necessarily have to be. Outsourcing services like IT is often preferable to hiring new employees and adding new salaries to your budget. Instead, all you have to do is make room for an IT budget, which can save you plenty of capital in the long run, and then be used to onboard talented staff. In fact, we highly recommend outsourcing as much as possible. To get started, reach out to us at PHONENUMBER.

Categories
Business

Is Break-Fix IT Breaking Your Budget?

b2ap3_thumbnail_managed_services_agreement_400.jpg Most modern businesses rely on specific technology solutions to ensure operations can work as intended. This includes servers for data storage, networks for data distribution, and workstations for employee productivity. Of course, you have to wonder if this is wise; after all, what happens when this technology fails?

Break-fix IT used to be the staple for business technology maintenance. Organizations would use their technology solutions until they broke down, and would only utilize IT when it needed to be fixed. At the same time, companies would have to struggle with downtime–any time when technology isn’t working as intended. This can quickly lead to a time sink in which you’re losing out on possible revenue, all while fixing technology issues that could have been prevented in the first place. These big hits to budgets can make operations difficult even after recovering from downtime.

Managed IT services are an option that modern SMBs have in order to bypass the shortcomings of break-fix IT. Instead of only resolving IT issues as they happen, proactive managed IT aims to take preventative measures to keep problems from happening in the first place. This includes most all solutions that are managed and hosted by a third-party provider, with the intention of removing responsibilities from your in-house team. Unlike your in-house team, who may struggle with managing some aspects of your technology, you can rely on a third-party managed service provider to guarantee that your technology gets the attention it needs.

A good comparison would be comparing an automobile to managed IT services. If your car is making weird sounds, like the engine spitting and sputtering, you’ll naturally want to get it checked for major problems. However, due to the cost of vehicle maintenance, you might choose to forego maintenance. After all, your car still runs, so surely the problem can wait a bit. In this case, it’s better to get the problem resolved quickly before a motor problem leaves you stranded on the side of the road, with both a towing fee and the repair costs.

On the other hand, having your own team of mechanics that can repair and maintain your car for a monthly fee is a better investment, as they will perform the tuneups and the maintenance needed to keep your car in good shape. This is what having managed IT services feels like.

Preventative maintenance can help to keep technology solutions from experiencing hardware failure for as long as possible. No technology lasts forever, so the ideal way to minimize the damage done by hardware failure is to plan for it. By implementing preventative solutions like data backup and disaster recovery, you can limit how much damage downtime causes your organization, and you’ll be able to make the transition to new technology much easier.

Does your business use proactive maintenance to mitigate threats to your business? If not, reach out to us at PHONENUMBER.